Im not even sure if this would be the right place to course this, so please don't shoot me.
We are currently looking towards a skilled service desk "one-stop-shop" approach by giving the Service Desk functional team more technical tasks. These new tasks would include NT account creations/deletions for users, delete/create/modify/increase size of user mailboxes, assigning phone extensions, etc. These jobs were once done by various support groups. (network, systems, telephony) And getting it done by the Service Desk Team would mean they would need access to the various systems that the support groups use.

Which brings me to my main concern: security risk- I feel like the managers of these groups would initially oppose the idea of providing access to their systems. while I'm not even sure if this would be a security breach. Is it possible to address this concern which would obviously be a major hurdle in getting management buy-in towards this process improvement? can they be convinced otherwise? if mitigating this risk would be beneficial to the overall service operations? any inputs would be really helpful. Thank you.